HACKING NEWS

$ 7.5m kilo X hacking inside

By 3 Mins Read
$ 7.5m kilo X hacking inside

On April 14, 2025, the KiloEX protocol suffered a loss of $ 7.5 million for significant violations of security. This event comes from the Oracle operation attack and emphasizes the important vulnerabilities of the protocol access control mechanism. Let’s find out what happened and what we can learn.

Root cause

The root of the exploit was the access control of the protocol. MinimalForwardercontract. Contract inherited from Openzeppelin ‘s MinimalForwarderUpgradeable It contains vulnerabilities executeA function that does not correctly check the signature of the data provided.

Trust model

The KiloEX protocol was operated as a complex trust model related to multiple contracts.

  • KilopriceFeed → Goalkeeper
  • Goalkeeper → Position Keeper
  • Position Keeper → Minimum forward
  • Minimum forward → Unlimited access

Critical defects are in the final link of this chain. MinimalForwarder contract I trusted the request that comes in.

Attack vector

The attacker exploited vulnerabilities by producing malicious transactions that detour intended access controls. You just need to offer the attack successfully.

  1. valid from Address (it can be obtained from previous transactions)
  2. valid signature (Also observed in the warm chain data)
  3. All arbitrary to Address (in this case Position keeper))
  4. custom data To run the function

Especially this attack MinimalForwarder The contract was not transparent and could not be found on the BSC or base.

Running attack

The attacker has been exploited through a series of calculated stages.

  1. We manipulated Oracle to lower asset prices.
  2. I opened a long position at an artificially low price.
  3. In order to raise the price, we manipulated Oracle again.
  4. Closed location for significant profits

Influence and meaning

This case reminds me of some important security principles.

  1. Access control is important Even inherited contracts require careful review and potential modifications to meet specific security requirements.
  2. Trust model verification -The complex trust relationship between contracts requires thorough verification at each stage.
  3. Oracle security -The price feed mechanism remains an important attack vector in the Defi protocol.

Evidence

The attack has been run in several chains.

Binance Smart Chain:

base:

Main takeout

  • Always review and test inherited contracts, especially access control mechanisms.
  • For security analysis, you should be able to identify and access contract implementation.
  • It is dangerous to rely on a single access control point. Implement a deep defense.

conclusion

For protocols to prevent similar events:

  1. Implement a strong signature verification in the contract delivery
  2. Keep a clear document on trust relationship between contracts
  3. Regular security audit focused on access control mechanisms
  4. Consider the implementation of the circuit breaker for significant price fluctuations.

This event shows the potential result of overlooking the importance of thorough security and the development of smart contracts.

Share.

Related Posts

Add A Comment

Comments are closed.